As some of you know, the Federal Trade Commission (FTC) has been hosting a series of roundtable discussions to explore some of our most recent privacy challenges. These challenges are being exposed more and more each day by the ever evolving technology base and combination business practices that help us to collect and use consumer data.

The FTC hopes to hold these roundtables and then use the information gleaned from them to determine how to best protect consumer privacy moving forward while still supporting the uses of new technologies within marketing.

Without realizing it, many of you may be in the midst of these issues identified by the FTC, as you use social networking, cloud computing, online behavioral advertising, mobile marketing, and the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses.

To date, the FTC has already held two (2) roundtables.

December 7, 2009 in Washington, D.C.: They focused on data collection and use online and offline. They also discussed consumer expectations and the state of self-regulation.

January 28, 2010 in Berkeley, California: They focused on how technology can affect consumer privacy positively and negatively.

A third event will be held on March 17, 2010 in Washington, D.C. It is expected to focus on several things including how to safeguard health data and other sensitive consumer information

Unfortunately, the findings from the roundtable thus far have been alarming. It appears that most consumers are grossly unaware of what happens to the data they submit to marketers. The majority of the time it seems as if they are providing their information to virtual strangers without any regard for their own protection. The public’s understanding of the need for privacy and security of personal information is sorely lacking, and when overlooked, can have startling consequences.

Ultimately, the FTC is investigating the possibility of creating a U.S. Privacy framework to give powers to consumers. This would involve regulations for businesses regarding the collection, processing, transfer, and protection of consumers’ information.

This could result in a process that would require marketers to become hyper-transparent. In this case, as the amount of data the consumer provides increases, so does the number of choices the marketer must allow for the said consumer. The consumer would be provided with more information about what will be done with the personal details they are disclosing as the sensitivity of the information rises. This means the more data that you need to perform your job of catering your marketing plan to them, the more you will have to tell them about how you are going to safeguard and effectively use their information. (read: Your Privacy policy isn't enough anymore.)

In addition, if an FTC Privacy process were to be instituted, marketers would have to be increasingly diligent in protecting their consumers’ information because these consumers’ should be much more aware of how their information should be used. The consumers’ expectations would be more prevalent in deciding who was wronged if a negative event such as a theft, occurred.

Whatever framework the FTC creates in 2010, we can certainly be assured that it will be much broader than today’s form of self-regulating "notice, access, and choice." The FTC has said that the current forms and processes have been helpful in giving customers knowledge about what will happen to their data if given, but as you have heard me say in the past, it has also resulted in privacy policies that only a lawyer may understand. In many cases, the knowledge provided was lost on the average consumer because of its overwhelming scope and language. Given that, you need to be sure that your company’s privacy policy is well-written and geared towards consumers. This policy stands to be a strong marketing opportunity, provided it is treated as such.

Tips for writing a good policy:

Write it for consumers. (Bearing in mind, most do not have a law degree.)

Keep it short.

Index it, or give it headers so readers can find what they want quickly.

Audit the policy at least once a year (and have non-lawyers read it for clarity).

Add “contact us” features in relevant sections of your policy so people with questions can get answers quickly and easily.

Inform customers about policy changes, but be sure to do so before the changes go into effect. Give them a chance to change preferences prior to launch.

Highlight the policy throughout your website and on forms.

Make the information (notice, access, and choice) available as more than just a “read the fine print” option. Use the opportunity to build their confidence.

Do not try to think for the customer. Do not assume that subscribers or visitors will want new information or want you to share their information.

Keep in mind that the customers’ trust and loyalty will grow when you give them some control over their own information.

In the course of the next week, take the time to look into your data collection practices and programs. It is important to understand what sort of U.S based framework would best suit your legitimate business needs, while protecting your consumers’ data. Consider attending the next FTC roundtable to make your voice on this subject heard.